[Samba] issues with Windows 7 roaming profiles

Preston Hagar prestonh at gmail.com
Mon Nov 12 13:44:53 MST 2012 

On Mon, Nov 12, 2012 at 6:02 AM, Thierry Lacoste <lacoste at u-pec.fr> wrote:
> I made some modifications but still cannot use my Windows7 with a domain account.
>
> On 10 nov. 2012, at 12:27, Thierry Lacoste wrote:
>
>> Hello,
>>
>> I have a centOS 5.5 box acting as as a PDC with samba 3.4.9 and openldap 2.4.22.
>> Then I joined the domain with a centOS box (samba 3.4.17) which hosts the homes and profiles.
>> I have no problem with XP clients.
>>
>> I can join a windows 7 client to my domain but it is unable to load the profile when logging in.
>> See below a level 2 log.smdb from the file server when I log in with a domain account.
>>
>> Is the "unable to create profs/lacoste.V2" the culprit ?
> I created a directory profs/lacoste.V2 and put an NTUSER.DAT
> (build for a local user added to the windows 7 box) in it.
> This box still won't let me in; it closes the session during the course of opening the session.
>
> Here are my settings.
>
> - smb.conf on the PDC :
>
> [global]
>   workgroup = MIAGE
>   netbios name = VCOS-CASTOR
>   netbios aliases = ALDAP3
>
>   passdb backend = ldapsam:ldap://localhost
>
>   add machine script = /usr/sbin/smbldap-useradd -w '%u'
>
>   loglevel = 2
>
>   domain logons = Yes
>   preferred master = Yes
>   domain master = Yes
>   wins support = Yes
>
>   ldap suffix = o=miage
>   ldap machine suffix = ou=Computers,ou=Accounts
>   ldap user suffix = ou=Users,ou=Accounts
>   ldap group suffix = ou=Groups
>   ldap admin dn = cn=sambamgr,ou=Managers,o=miage
>   ldap passwd sync = yes
>
>   enable privileges = yes
>
>   ssl = Off
>
> [netlogon]
>   comment = Network Logon Service
>   path = /samba/netlogon
>   admin users = root
>   guest ok = Yes
>   browseable = No
>
> [public]
>   path = /samba/public
>   guest ok = Yes
>
>
> - smb.conf on my file server :
> [global]
> workgroup = MIAGE
> netbios name = VCOS-CAPELLA
> security = DOMAIN
> name resolve order = wins bcast
> wins server = 194.214.12.135 # IP of my PDC
> netbios aliases = AHOMES APROFILES
> server string = %L
> password server = ALDAP3
>
> log level = 2
>
> [homes]
>   comment = Home Directories
>   valid users = %S
>   read only = No
>   browseable = No
>
> [Profiles]
>   comment = Roaming Profile Share
>   path = /export/profiles
>   read only = No
>   profile acls = Yes
>   vfs object = fake_perms
>
>
> - level 2 log.smdb from the file server :
>
> [2012/11/12 12:47:30,  2] smbd/sesssetup.c:1360(setup_new_vc_session)
>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
> [2012/11/12 12:47:30,  2] smbd/sesssetup.c:1360(setup_new_vc_session)
>   setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
> [2012/11/12 12:47:30,  2] auth/auth.c:310(check_ntlm_password)
>   check_ntlm_password:  authentication for user [lacoste] -> [lacoste] -> [lacoste] succeeded
> [2012/11/12 12:47:30,  2] lib/module.c:64(do_smb_load_module)
>   Module '/usr/lib/samba/vfs/fake_perms.so' loaded
> [2012/11/12 12:47:30,  1] smbd/service.c:1063(make_connection_snum)
>   test-win7 (::ffff:194.214.12.168) connect to service Profiles initially as user lacoste (uid=5001, gid=4000) (pid 8617)
> [2012/11/12 12:47:30,  1] smbd/service.c:1063(make_connection_snum)
>   test-win7 (::ffff:194.214.12.168) connect to service lacoste initially as user lacoste (uid=5001, gid=4000) (pid 8617)
> [2012/11/12 12:47:41,  1] smbd/service.c:1240(close_cnum)
>   test-win7 (::ffff:194.214.12.168) closed connection to service Profiles
> [2012/11/12 12:47:41,  1] smbd/service.c:1240(close_cnum)
>   test-win7 (::ffff:194.214.12.168) closed connection to service lacoste
>
> Best regards,
> Thierry Lacoste.
>


A couple of things to check.  Make sure you have the registry settings
set that are recommended here:

https://wiki.samba.org/index.php/Windows7#Windows_7_Registry_settings

Also, you may need a [profiles.V2] share as described here:

http://lists.samba.org/archive/samba-technical/2007-April/052674.html

As a last note, last time I looked into this (and asked the list) Win
7 roaming profiles and Win XP roaming profiles could not be shared.
Each user would have a new, separate profile for each version of
windows.  Hopefully someone will correct me if I am wrong.

Preston

More information about the samba mailing list